English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.50655
Kategorie:Mandrake Local Security Checks
Titel:Mandrake Security Advisory MDKSA-2004:015-1 (kernel)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing an update to kernel
announced via advisory MDKSA-2004:015-1.

Paul Staretz discovered a flaw in return value checking in the
mremap() function in the Linux kernel, versions 2.4.24 and previous
that could allow a local user to obtain root privileges.

A vulnerability was found in the R128 DRI driver by Alan Cox. This
could allow local privilege escalation.

A flaw in the ncp_lookup() function in the ncpfs code (which is used
to mount NetWare volumes or print to NetWare printers) was found by
Arjen van de Ven that could allow local privilege escalation.

The Vicam USB driver in Linux kernel versions prior to 2.4.25 does
not use the copy_from_user function to access userspace, which crosses
security boundaries. This problem does not affect the Mandrake Linux
9.2 kernel.

Additionally, a ptrace hole that only affects the amd64/x86_64
platform has been corrected.

The provided packages are patched to fix these vulnerabilities. All
users are encouraged to upgrade to these updated kernels.

To update your kernel, please follow the directions located at:

http://www.mandrakesecure.net/en/kernelupdate.php

Update:

Kernels for Corporate Server 2.1/x86_64 are now available.

Affected versions: Corporate Server 2.1

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2004:015-1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0003
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0075
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0077

Risk factor : High

CVSS Score:
7.2

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2004-0003
BugTraq ID: 9570
http://www.securityfocus.com/bid/9570
Computer Incident Advisory Center Bulletin: O-082
http://www.ciac.org/ciac/bulletins/o-082.shtml
Computer Incident Advisory Center Bulletin: O-121
http://www.ciac.org/ciac/bulletins/o-121.shtml
Computer Incident Advisory Center Bulletin: O-126
http://www.ciac.org/ciac/bulletins/o-126.shtml
Computer Incident Advisory Center Bulletin: O-127
http://www.ciac.org/ciac/bulletins/o-127.shtml
Computer Incident Advisory Center Bulletin: O-145
http://www.ciac.org/ciac/bulletins/o-145.shtml
Debian Security Information: DSA-479 (Google Search)
http://www.debian.org/security/2004/dsa-479
Debian Security Information: DSA-480 (Google Search)
http://www.debian.org/security/2004/dsa-480
Debian Security Information: DSA-481 (Google Search)
http://www.debian.org/security/2004/dsa-481
Debian Security Information: DSA-482 (Google Search)
http://www.debian.org/security/2004/dsa-482
Debian Security Information: DSA-489 (Google Search)
http://www.debian.org/security/2004/dsa-489
Debian Security Information: DSA-491 (Google Search)
http://www.debian.org/security/2004/dsa-491
Debian Security Information: DSA-495 (Google Search)
http://www.debian.org/security/2004/dsa-495
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:029
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1017
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A834
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9204
http://www.redhat.com/support/errata/RHSA-2004-044.html
http://www.redhat.com/support/errata/RHSA-2004-065.html
http://www.redhat.com/support/errata/RHSA-2004-106.html
http://www.redhat.com/support/errata/RHSA-2004-166.html
http://secunia.com/advisories/10782
http://secunia.com/advisories/10911
http://secunia.com/advisories/10912
http://secunia.com/advisories/11202
http://secunia.com/advisories/11361
http://secunia.com/advisories/11362
http://secunia.com/advisories/11369
http://secunia.com/advisories/11370
http://secunia.com/advisories/11376
http://secunia.com/advisories/11464
http://secunia.com/advisories/11891
http://secunia.com/advisories/12075
SuSE Security Announcement: SuSE-SA:2004:005 (Google Search)
http://www.novell.com/linux/security/advisories/2004_05_linux_kernel.html
TurboLinux Advisory: TLSA-2004-14
http://www.turbolinux.com/security/2004/TLSA-2004-14.txt
XForce ISS Database: linux-r128-gain-priviliges(15029)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15029
Common Vulnerability Exposure (CVE) ID: CVE-2004-0010
BugTraq ID: 9691
http://www.securityfocus.com/bid/9691
Conectiva Linux advisory: CLA-2004:820
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000820
http://fedoranews.org/updates/FEDORA-2004-079.shtml
http://www.mandriva.com/security/advisories?name=MDKSA-2004:015
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1035
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11388
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A835
http://www.redhat.com/support/errata/RHSA-2004-069.html
http://www.redhat.com/support/errata/RHSA-2004-188.html
TurboLinux Advisory: TLSA-2004-05
http://www.securityfocus.com/advisories/6759
XForce ISS Database: linux-ncplookup-gain-privileges(15250)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15250
Common Vulnerability Exposure (CVE) ID: CVE-2004-0075
BugTraq ID: 9690
http://www.securityfocus.com/bid/9690
Conectiva Linux advisory: CLA-2004:846
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:015
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A836
http://www.redhat.com/support/errata/RHSA-2005-293.html
XForce ISS Database: linux-vicam-dos(15246)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15246
Common Vulnerability Exposure (CVE) ID: CVE-2004-0077
BugTraq ID: 9686
http://www.securityfocus.com/bid/9686
Bugtraq: 20040218 Second critical mremap() bug found in all Linux kernels (Google Search)
http://marc.info/?l=bugtraq&m=107711762014175&w=2
CERT/CC vulnerability note: VU#981222
http://www.kb.cert.org/vuls/id/981222
Debian Security Information: DSA-438 (Google Search)
http://www.debian.org/security/2004/dsa-438
Debian Security Information: DSA-439 (Google Search)
http://www.debian.org/security/2004/dsa-439
Debian Security Information: DSA-440 (Google Search)
http://www.debian.org/security/2004/dsa-440
Debian Security Information: DSA-441 (Google Search)
http://www.debian.org/security/2004/dsa-441
Debian Security Information: DSA-442 (Google Search)
http://www.debian.org/security/2004/dsa-442
Debian Security Information: DSA-444 (Google Search)
http://www.debian.org/security/2004/dsa-444
Debian Security Information: DSA-450 (Google Search)
http://www.debian.org/security/2004/dsa-450
Debian Security Information: DSA-453 (Google Search)
http://www.debian.org/security/2004/dsa-453
Debian Security Information: DSA-454 (Google Search)
http://www.debian.org/security/2004/dsa-454
Debian Security Information: DSA-456 (Google Search)
http://www.debian.org/security/2004/dsa-456
Debian Security Information: DSA-466 (Google Search)
http://www.debian.org/security/2004/dsa-466
Debian Security Information: DSA-470 (Google Search)
http://www.debian.org/security/2004/dsa-470
Debian Security Information: DSA-475 (Google Search)
http://www.debian.org/security/2004/dsa-475
Debian Security Information: DSA-514 (Google Search)
http://www.debian.org/security/2004/dsa-514
http://security.gentoo.org/glsa/glsa-200403-02.xml
http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt
http://www.osvdb.org/3986
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A825
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A837
http://www.redhat.com/support/errata/RHSA-2004-066.html
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.404734
http://marc.info/?l=bugtraq&m=107712137732553&w=2
http://marc.info/?l=bugtraq&m=107755871932680&w=2
TurboLinux Advisory: TLSA-2004-7
http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0040.html
XForce ISS Database: linux-mremap-gain-privileges(15244)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15244
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.